The goal of this book is to teach you to think like a computer scientist. I like the way computer scientists think because they combine some of the best features of Mathematics, Engineering, and Natural Science. Like mathematicians, computer scientists use formal languages to denote ideas (specifically computations). Like engineers, they design things, assembling components into systems and evaluating tradeoffs among alternatives. Like scientists, they observe the behavior of complex systems, form hypotheses, and test predictions. The single most important skill for a computer scientist is problem-solving. By that I mean the ability to formulate problems, think creatively about solutions, and express a solution clearly and accurately. As it turns out, the process of learning to program is an excellent opportunity to practice problem-solving skills. That's why this chapter is called "The way of the program."

The reason for creating the taxonomy is to provide better understanding of the smells and to recognize the relationships between smells. I feel that with a long flat list of the code smells it is easy to lose the overall picture (at least that happened to me when I first studied the list of code smells in (Fowler&Beck 2000)). Thus, here is a taxonomy of five groups.

The cost impact to a company of a failed project can be severe indeed. The impact on the reputation of the project manager can be disastrous.Numerous methodologies are available for mitigating these risks – PRINCE2, RUP, DSDN, eXtreme programming – and these have helped to some extent. This document introduces the 3D™ methodology – a set of best practices and quality tools developed by BuildMonkey, which can be summarised as: De-risk. Deploy. Deliver.

The term reversibility in the context of software development means the possibility of propagating independent changes made to the resulting source code back into the design and analysis models of earlier phases, so these can be kept up to date with what is actually executed.

While many developers are aware of the threats posed by malicious code, and by SQL injection attacks in particular, there are other forms of code injection that are equally dangerous. Learn more about XPath injection, LDAP injection, and command execution injection and view examples of each type of attack. In addition, learn why many preventative actions that are commonly suggested to developers are not helpful, and discover how the creation of whitelists and blacklists can help to protect an application from malicious code injection attacks.

Domain-specific languages are a natural extension to code libraries and frameworks, making their use faster, easier and more consistent. This article describes how to define modeling languages on top of a library or a framework.

A brute force attack, also known as a dictionary attack, is one of the more uncomplicated attacks available to a hacker. However, the odds of this type of attack succeeding can be very high if a site is not configured properly. Learn more about what can be done to defend a site against a brute force attack - including implementing incremental delays and carefully wording error messages - and which defensive strategies don't work.